This module provides a list of the TCP and UDP ports that Cisco Unified Presence Release 7.x uses for intracluster connections and for communications with external applications or devices. It provides important information for the configuration of firewalls, Access Control Lists (ACLs), and quality of service (QoS) on a network when an IP Communications solution is implemented.

Note: Cisco has not verified all possible configuration scenarios for these ports. If you are having configuration problems using this list, contact Cisco technical support for assistance.

While virtually all protocols are bidirectional, this document gives directionality from the session originator perspective. In some cases, the administrator can manually change the default port numbers, though Cisco does not recommend this as a best practice. Be aware that Cisco Unified Presence opens several ports strictly for internal use.

Ports that are described in this section apply specifically to Cisco Unified Presence Release 7.x. Some ports change from one release to another, and future releases may introduce new ports. Therefore, make sure that you are using the correct version of this document for the version of Cisco Unified Presence that is installed.

Configuration of firewalls, ACLs, or QoS will vary depending on topology, placement of devices and services relative to the placement of network security devices, and which applications and telephony extensions are in use. Also, bear in mind that ACLs vary in format with different devices and versions.

Allows the Directory protocol to integrate with the external Corporate Directory. The LDAP port depends on the Corporate Directory (389 is the default). In case of Netscape Directory, customer can configure different port to accept LDAP traffic.

External Corporate Directory

Client

LDAPS

TCP

Ephemeral

636

Allows the Directory protocol to integrate with the external Corporate Directory. LDAP port depends on the Corporate Directory (636 is the default).

SNMP Master agent that listens for traps from the native SNMP agent, and forwards to management applications

SNMP Agent

Server

TCP

TCP

7999

Ephemeral

Used as a socket for the cdp agent to communicate with the cdp binary

SNMP Agent

Server

TCP

TCP

7161

Ephemeral

Used for communication between the SNMP master agent and subagents

SNMP Trap

Client

SNMP

UDP

Ephemeral

162

Sends SNMP traps to management applications

SNMP Trap

Server

SNMP

UDP

Configurable

61441

Internal SNMP trap receiver

Racoon Server Requests

Racoon

Server

UDP

500

Ephemeral

Enables Internet Security Association and the Key Management Protocol

System Service Requests

System Service

Server

XML

TCP

8888 & 8889

Internal port. Localhost traffic only. Used to listen to clients communicating with the Service Manager (servM).

DNS Requests

DNS

Client

UDP

Ephemeral

53

Internal port. Localhost traffic only.

SSH/SFTP Requests

SSH / SFTP

Server

SSH / SFTP

TCP

22

Ephemeral

Used by many applications to get command line access to the server. Also used between nodes for certificate and other file exchanges (sftp)

ICMP Requests

ICMP

Server

ICMP

IP

Not Applicable

Ephemeral

Used to communicate with the Cisco Unified Communications Manager server

NTP Requests

NTP

Client

UDP

Ephemeral

123

Cisco Unified Communications Manager is the acting NTP server. Used by subscriber nodes to synchronize time with the publisher node.

Microsoft Exchange Notify Requests

Microsoft Exchange Notify

HTTP (HTTPu)

UDP/IP

CUP server port (default 50020)

Ephemeral

This port is where Microsoft Exchange sends any notifications (using NOTIFY message) to indicate a change to a particular subscription identifier for calendar events. Used to integrate with any Exchange server in the network configuration. The default port is 50020, but users can assign another port if it is not already in use.